1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-04 08:54:20 -05:00
denoland-deno/cli/bench/testdata/npm/hono/dist/utils/jwt/jwt.js

102 lines
3.7 KiB
JavaScript
Raw Normal View History

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.decode = exports.verify = exports.sign = void 0;
const encode_1 = require("../../utils/encode");
const types_1 = require("./types");
const types_2 = require("./types");
var CryptoKeyFormat;
(function (CryptoKeyFormat) {
CryptoKeyFormat["RAW"] = "raw";
CryptoKeyFormat["PKCS8"] = "pkcs8";
CryptoKeyFormat["SPKI"] = "spki";
CryptoKeyFormat["JWK"] = "jwk";
})(CryptoKeyFormat || (CryptoKeyFormat = {}));
var CryptoKeyUsage;
(function (CryptoKeyUsage) {
CryptoKeyUsage["Ecrypt"] = "encrypt";
CryptoKeyUsage["Decrypt"] = "decrypt";
CryptoKeyUsage["Sign"] = "sign";
CryptoKeyUsage["Verify"] = "verify";
CryptoKeyUsage["Deriverkey"] = "deriveKey";
CryptoKeyUsage["DeriveBits"] = "deriveBits";
CryptoKeyUsage["WrapKey"] = "wrapKey";
CryptoKeyUsage["UnwrapKey"] = "unwrapKey";
})(CryptoKeyUsage || (CryptoKeyUsage = {}));
const param = (name) => {
switch (name.toUpperCase()) {
case 'HS256':
return {
name: 'HMAC',
hash: {
name: 'SHA-256',
},
};
case 'HS384':
return {
name: 'HMAC',
hash: {
name: 'SHA-384',
},
};
case 'HS512':
return {
name: 'HMAC',
hash: {
name: 'SHA-512',
},
};
default:
throw new types_2.JwtAlgorithmNotImplemented(name);
}
};
const signing = async (data, secret, alg = types_1.AlgorithmTypes.HS256) => {
if (!crypto.subtle || !crypto.subtle.importKey) {
throw new Error('`crypto.subtle.importKey` is undefined. JWT auth middleware requires it.');
}
const cryptoKey = await crypto.subtle.importKey(CryptoKeyFormat.RAW, (0, encode_1.utf8ToUint8Array)(secret), param(alg), false, [CryptoKeyUsage.Sign]);
return await crypto.subtle.sign(param(alg), cryptoKey, (0, encode_1.utf8ToUint8Array)(data));
};
const sign = async (payload, secret, alg = types_1.AlgorithmTypes.HS256) => {
const encodedPayload = await (0, encode_1.encodeBase64URL)(JSON.stringify(payload));
const encodedHeader = await (0, encode_1.encodeBase64URL)(JSON.stringify({ alg, typ: 'JWT' }));
const partialToken = `${encodedHeader}.${encodedPayload}`;
const signature = await (0, encode_1.arrayBufferToBase64URL)(await signing(partialToken, secret, alg));
return `${partialToken}.${signature}`;
};
exports.sign = sign;
const verify = async (token, secret, alg = types_1.AlgorithmTypes.HS256) => {
const tokenParts = token.split('.');
if (tokenParts.length !== 3) {
throw new types_2.JwtTokenInvalid(token);
}
const { payload } = (0, exports.decode)(token);
if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
throw new types_2.JwtTokenNotBefore(token);
}
if (payload.exp && payload.exp <= Math.floor(Date.now() / 1000)) {
throw new types_2.JwtTokenExpired(token);
}
const signature = await (0, encode_1.arrayBufferToBase64URL)(await signing(tokenParts.slice(0, 2).join('.'), secret, alg));
if (signature !== tokenParts[2]) {
throw new types_2.JwtTokenSignatureMismatched(token);
}
return true;
};
exports.verify = verify;
// eslint-disable-next-line
const decode = (token) => {
try {
const [h, p] = token.split('.');
const header = JSON.parse((0, encode_1.decodeBase64URL)(h));
const payload = JSON.parse((0, encode_1.decodeBase64URL)(p));
return {
header,
payload,
};
}
catch (e) {
throw new types_2.JwtTokenInvalid(token);
}
};
exports.decode = decode;